git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Arаm Sаrgsyаn <aram@isc.org>
	Mon, 15 Jun 2026 11:35:12 +0000 (11:35 +0000)
committer	Arаm Sаrgsyаn <aram@isc.org>
	Mon, 15 Jun 2026 11:35:12 +0000 (11:35 +0000)
commit	50dbab93404dad8df73ec063a47ae26e709bb3d2
tree	9a791525ab2abb5accb9134764d6fcd23f2a8d0c	tree \| snapshot
parent	2f3c040d19366d85c347945cfb324b7f14e76405	commit \| diff
parent	45c1d760a89d6d680c33935a53d718d1ecbd0e43	commit \| diff

fix: usr: Fix a 'deny-answer-aliases' configuration bypass issue

It was possible to use a maliciously crafted authoritative
zone to make :iscman:`named` resolver synthesize a ``DNAME``
"alias" that should have been rejected by the configured
:any:`deny-answer-aliases` option. This has been fixed.

Closes #5930

Merge branch '5930-deny-answer-aliases-and-cached-dname-buf-fix' into 'main'

See merge request isc-projects/bind9!12044

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom